content/api/user-guide/1.2-ldap-in-a-few-words.mdtext - directory-site - Git at Google

 Title: 1.2 - LDAP in a few words
 NavPrev: 1.1-java-and-ldap.html
 NavPrevText: 1.1 - Java and LDAP
 NavUp: 1-introduction.html
 NavUpText: 1 - Introduction
 NavNext: 1.3-apache-ldap-api-rational.html
 NavNextText: 1.3 - The Apache LDAP API rationale
 Notice: Licensed to the Apache Software Foundation (ASF) under one
     or more contributor license agreements.  See the NOTICE file
     distributed with this work for additional information
     regarding copyright ownership.  The ASF licenses this file
     to you under the Apache License, Version 2.0 (the
     "License"); you may not use this file except in compliance
     with the License.  You may obtain a copy of the License at
     .
     http://www.apache.org/licenses/LICENSE-2.0
     .
     Unless required by applicable law or agreed to in writing,
     software distributed under the License is distributed on an
     "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
     KIND, either express or implied.  See the License for the
     specific language governing permissions and limitations
     under the License.

 # 1.2 - LDAP in a few words

 **LDAP** is not a new technlology. It has been around since the 90's to mitigate complexities inherent in **X.500** usage. Its name refers to **L**ightweight **D**irectory **A**ccess **P**rotocol. Soon after the first standard was issued, the first full *LDAP* server was created and X.500 became obsolete.

 We'll use the term **LDAP** to represent the protocol and **LDAP server** to represent the server that implements it.

 ## Features
 The **LDAP** protocol provides access to entries stored in a **LDAP Server's** database. It provides the mechanism for fast searching and retrieval of entries. Its data structures are hierarchical, and uses a schema to manage the definition of data formats allowed across those entries.

 An **LDAP** client must first connect to a server and disconnect when finished. Some operations may be performed on the data itself, e.g. searches, modifications and deletions, along with a few others.

 **LDAP** servers are extensible, but they all use a common protocol providing access to the data in a way that isn't tied to a particular vendor's implementation.

 ## Characteristics
 **LDAP** servers are fast for retrievals, having been designed specifically for this purpose. But modifications can be costly. These characteristics must be understood when writing applications that use an **LDAP** server for data storage.

 Each entry is associated with a location within its corresponding **D**irectory **I**nformation **T**ree, and we use what is known as a **D**istinguished **N**ame (or **Dn**) to describe this address. The base entry is known as the suffix.  The suffix along with all entries beneath it are collectively known as the **DIT**.

 ## Programming

 **LDAP** is a part of the **IT** landscape and so it's necessary to learn how to deal with it. **LDAP** servers are used to manage authentications, authorizations, demographic information about users and more. It's very likely that you will have to write some code to access data with **LDAP** at some point, and existing **API**s aren't quite up to the task. This **LDAP API** has been designed to simplify usage and ensure proper interaction with the server.

 ## Going further

 This was a short introduction, there's more literature about **LDAP** on the web : [Wikipedia](http://en.wikipedia.org/wiki/LDAP) provides a good starting point.
	Title: 1.2 - LDAP in a few words
	NavPrev: 1.1-java-and-ldap.html
	NavPrevText: 1.1 - Java and LDAP
	NavUp: 1-introduction.html
	NavUpText: 1 - Introduction
	NavNext: 1.3-apache-ldap-api-rational.html
	NavNextText: 1.3 - The Apache LDAP API rationale
	Notice: Licensed to the Apache Software Foundation (ASF) under one
	or more contributor license agreements. See the NOTICE file
	distributed with this work for additional information
	regarding copyright ownership. The ASF licenses this file
	to you under the Apache License, Version 2.0 (the
	"License"); you may not use this file except in compliance
	with the License. You may obtain a copy of the License at
	.
	http://www.apache.org/licenses/LICENSE-2.0
	.
	Unless required by applicable law or agreed to in writing,
	software distributed under the License is distributed on an
	"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	KIND, either express or implied. See the License for the
	specific language governing permissions and limitations
	under the License.

	# 1.2 - LDAP in a few words

	LDAP is not a new technlology. It has been around since the 90's to mitigate complexities inherent in X.500 usage. Its name refers to Lightweight Directory Access Protocol. Soon after the first standard was issued, the first full LDAP server was created and X.500 became obsolete.

	We'll use the term LDAP to represent the protocol and LDAP server to represent the server that implements it.

	## Features
	The LDAP protocol provides access to entries stored in a LDAP Server's database. It provides the mechanism for fast searching and retrieval of entries. Its data structures are hierarchical, and uses a schema to manage the definition of data formats allowed across those entries.

	An LDAP client must first connect to a server and disconnect when finished. Some operations may be performed on the data itself, e.g. searches, modifications and deletions, along with a few others.

	LDAP servers are extensible, but they all use a common protocol providing access to the data in a way that isn't tied to a particular vendor's implementation.

	## Characteristics
	LDAP servers are fast for retrievals, having been designed specifically for this purpose. But modifications can be costly. These characteristics must be understood when writing applications that use an LDAP server for data storage.

	Each entry is associated with a location within its corresponding Directory Information Tree, and we use what is known as a Distinguished Name (or Dn) to describe this address. The base entry is known as the suffix. The suffix along with all entries beneath it are collectively known as the DIT.

	## Programming

	LDAP is a part of the IT landscape and so it's necessary to learn how to deal with it. LDAP servers are used to manage authentications, authorizations, demographic information about users and more. It's very likely that you will have to write some code to access data with LDAP at some point, and existing APIs aren't quite up to the task. This LDAP API has been designed to simplify usage and ensure proper interaction with the server.

	## Going further

	This was a short introduction, there's more literature about LDAP on the web : [Wikipedia](http://en.wikipedia.org/wiki/LDAP) provides a good starting point.